Privacy Policy
Effective: [EFFECTIVE_DATE] · Last updated: [EFFECTIVE_DATE]
1. Who we are
NoticeFlow ("NoticeFlow", "we", "our") is operated by Geotechnical Toolkit Pty Ltd (ABN 65 685 887 996), based in Australia. We are bound by the Australian Privacy Principles set out in the Privacy Act 1988 (Cth).
For any privacy-related questions or to exercise your rights below, email support@noticeflow.ai.
2. What we collect
We collect only what we need to deliver the service:
- Account details — your name, email address, and a hashed password.
- Mailbox connection — when you connect a Gmail or Microsoft mailbox via OAuth, we receive and securely store access and refresh tokens. We never see your mailbox password.
- Recipient data you upload — your CSV files, including recipient names, email addresses, and any custom variables you include. This data is treated as confidential business information belonging to you.
- Email templates and attachments — the subject and body of campaigns, signature HTML, DOCX templates, and the personalised PDFs we generate.
- Billing data — when you purchase a plan, your name, email, and the Stripe customer ID. We do not see or store your full card number — that is held by Stripe.
- Operational logs — send timestamps, success/failure status, and error messages. Used solely for delivery confirmation and debugging.
- Session cookies — strictly necessary cookies to keep you signed in. We do not set advertising or cross-site tracking cookies.
3. How we use Google user data
When you connect a Gmail mailbox, you grant NoticeFlow the gmail.send OAuth scope. We use this access for exactly one purpose: sending the emails you compose and queue, from your own address, on your behalf.
NoticeFlow's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We do not read, store, or use the content of any messages in your inbox.
- We do not transfer Google user data to any third party, except as necessary to deliver the email itself (i.e., to Google's own SMTP API).
- We do not use Google user data for advertising, profiling, or any purpose unrelated to providing the NoticeFlow sending service.
- We do not use Google user data to train AI/ML models. Where AI-assisted rewrite is used (Anthropic Claude), only the text you explicitly submit from the editor is sent; we do not feed mailbox or recipient data to AI providers.
You can disconnect Gmail access at any time from your dashboard or at myaccount.google.com/permissions. Disconnection revokes our token immediately.
4. How we use Microsoft user data
When you connect a Microsoft 365 / Outlook mailbox, we use the Mail.Send Microsoft Graph permission for the same single purpose: sending the emails you queue, from your address, on your behalf. The same restrictions in §3 apply: we don't read your inbox, share data with third parties, use it for advertising, or train AI on it.
5. Third parties we use
We use a small number of vetted third parties to run the service:
- Stripe (payments and billing) — receives your name, email, country, and the items you purchase. See Stripe's privacy notice.
- Google Workspace / Microsoft Graph — receives the email you send (this is unavoidable for any email service).
- Supabase (database and file storage) — hosted in Australia/Singapore region.
- Anthropic (AI rewrite, optional) — receives only the template text you explicitly send to the AI rewriter. No recipient data, no mailbox content.
- Vercel (web hosting) — receives standard request logs (IP address, user agent).
6. Where we store data
Account data and recipient lists are stored in databases hosted in Australia (Supabase Sydney region). OAuth refresh tokens are encrypted at rest using AES-256-GCM with keys held in our server environment, never in the database in plaintext. We retain billing records for 7 years as required by Australian tax law.
7. How long we keep data
- Account data: until you delete your account.
- Recipient lists and campaign data: until you delete the campaign, or until you delete your account.
- Sent-email logs: 24 months (then deleted automatically), or sooner if you delete the campaign.
- Billing records: 7 years (tax record retention requirement).
8. Your rights
Under the Privacy Act 1988 and (if applicable) GDPR, you can:
- Request a copy of all personal data we hold about you.
- Correct inaccurate data.
- Delete your account and associated data (subject to billing retention).
- Object to certain processing or request a transferable export.
- Complain to the Office of the Australian Information Commissioner (OAIC) if you believe we've mishandled your data.
To exercise these rights, email support@noticeflow.ai. We will respond within 30 days.
9. Security
We follow industry standards including: encrypted connections (HTTPS) for all traffic, password hashing (scrypt), encrypted-at-rest OAuth tokens, signed webhook verification for payment events, and per-user data isolation in the database. No system is perfectly secure; you can help by using a strong password and keeping your account email secure.
10. Data breach notification
If we become aware of a data breach that is likely to result in serious harm, we will notify affected users and the OAIC within 30 days, as required by the Notifiable Data Breaches scheme.
11. Children
NoticeFlow is a business tool intended for adults. We do not knowingly collect personal information from anyone under 18. If you believe we have, contact us and we will delete it.
12. Changes to this policy
We may update this policy from time to time. Active users will be notified of material changes by email at least 30 days before they take effect.
Contact
Email: support@noticeflow.ai